Skip to main content

5 Tips to Help Protect Your Network from a DDoS Attack

While distributed denial of service (DDoS) attacks are nothing new, in the last year, we have seen larger, stealthier, more targeted and more sophisticated attacks than ever before, elevating the growing need for DDoS protection for companies of all sizes that conduct business online or are highly dependent on their online brand and reputation.
A denial-of-service (DoS) attack occurs when traffic is sent from one host to another computer with the intent of disrupting an online application or service. A DDoS attack occurs when multiple hosts (such as compromised PCs) are leveraged to carry out and amplify an attack. Attackers usually create the denial-of-service condition by either consuming server bandwidth or by impairing the server itself. Typical targets include Web servers, DNS servers, application servers, routers, firewalls, and Internet bandwidth. The following five tips can help you protect your online assets from a DDoS attack.

5 Tips for DDoS Protection:

  1. Centralize Data Gathering and Understand Trends: At the most basic level, successful DDoS protection involves knowing what to watch for, monitoring for unusual traffic patterns and activity, and staying abreast of what’s going on in the world to identify and validate potential/emerging attacks more rapidly to extract lessons learned into the appropriate incident response.
  2. Define a Clear Escalation Path: Systematic processes and methodology are essential for effective DDoS attack mitigation, such as having defined standard operating procedures and incident response teams in place. Also, it is important to prepare for downtime by understanding which systems are vital to your business, and developing and testing contingency plans for short-term (e.g., 1 hour), medium-term (e.g., 24 hours), and long-term (e.g., multiple-day) network or service outages.
  3. Use Layered Filtering: The goal of DDoS mitigation is to exclude only unwanted traffic while allowing legitimate traffic to enter the network with minimal delay. The most effective means to accomplish this is to use a multi-layered verification process.
  4. Build in Scalability and Flexibility: To make sure systems will function properly under attack conditions organizations must have a highly scalable, flexible infrastructure that has been tested in various scenarios to identify breaking points. It’s also important to use a distributed model to create and maintain redundancy for high-value applications and services.
  5. Address Application and Configuration Issues: DDoS attacks have evolved from brute force attacks at the network layer to more sophisticated, difficult-to-detect attacks at the application layer. Attackers can learn the acceptable threshold of activity for an individual application, and then sneak in as an unperceived increase in network traffic. In the overall context of the network, the increased traffic is not an issue, but if the targeted application has a low tolerance for high-volume traffic, the attack can take down the application.

Comments

Popular posts from this blog

Here Are 7 Brilliant Cheat Sheets For Linux/Unix

There's nothing better than a cheatsheet when you are stuck and need a reference. So here bringing to you 7 brilliant free cheat sheets. 




1. Unix Tool Box: An incredibly exhaustive reference for all things Linux. This document is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users.

2. One page Linux Manual: Great one page reference to the most popular Linux commands, it is a summary of useful Linux commands.

3. Linux Reference Card: One great reference published by FOSSwire.

4. Linux Command Line Cheat Sheet: This is an interestingly sorted and helpful cheat sheet by cheatography.

5. Linux Command Line Tips: This is a linux command line reference for common operations. Cleanly sorted and well described.

6. Treebeard’s Unix Cheat Sheet: A great reference that shows command comparisons with that of DOS. So if you are someone who was a DOS user and has switched to Linux, this is the best one too have!

7. Linux Shortcuts and Commands:…

WhatsApp is illegal, will soon banned in India : Government

WhatsApp could have accidentally entered into troubled waters here in India by enabling its end-to-end encryption for all. The new security feature by WhatsApp is not what is required by the Indian telecom rules and WhatsApp could face a ban, if the rules are not adhered to. But not yet.
In India, companies need to follow the country’s rules and adhere to specific types of encryption, which WhatsApp does not currently use. WhatsApp’s end-to-end encryption on its chat service means that WhatsApp or anyone else won’t be able to crack open its contents.  Only the sender and the recipient are able to read the encrypted data. WhatsApp uses a 256-bit key for encryption of all chat messages, which is only known to the sender and the recipient.
Why is it not possible for WhatsApp to help decrypt users’ messages? "No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us," WhatsApp founders Jan Koum and Brian Acton wrote on their blog. How…

Ten Important Rules Of Ethical Hacking

The world of ethical hacking too is bound by a set of rules and principles, here are 10 crucial ones!

Time and again we have been bringing you valuable resources on ethical hacking since we know and understand the nature of things as far as security goes. Ethical hacking is picking up steam each day with more and more organisations spending heftily to maintain the sanctity of their systems and data. As such, ethical hacking is a glorious career option in the current scheme of things.



1.Set your goals straight

To begin with, an ethical hacker must start thinking like the intruder. He must be able to identify the loopholes on the target access points or networks that are prone to attack, he must be aware of the repercussions of these loopholes and how the intruder can use it against the same. An ethical hacker then has to find out if anyone at the target notice the intruder's attempts to carry out his/her acts. Finding out and eliminating unauthorised wireless access points is always t…